vlm-verifier
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The workflow includes the execution of a local Python script
scripts/validate_fraud_report.pyto programmatically verify the structure and compliance of the generated evaluation report before final output. - [PROMPT_INJECTION]: The skill ingests untrusted external data via user-uploaded documents and images for VLM/LLM analysis, creating a surface for indirect prompt injection.
- Ingestion points: User-provided loan application materials (Workflow Step 0 in SKILL.md).
- Boundary markers: Mandatory "read-before-write" verification steps and strict adherence to provided reference data.
- Capability inventory: Local command execution (
scripts/validate_fraud_report.py) for report validation. - Sanitization: Implements rigorous PII masking (ID numbers, bank accounts) and uses predefined structured templates for all outputs to prevent model context contamination.
Audit Metadata